GAQM CEH-001 Online Practice Questions and Exam Preparation

GAQM CEH-001 Online Questions & Answers

• Question 401:

  Kevin has been asked to write a short program to gather user input for a web application. He likes to keep his code neat and simple. He chooses to use printf(str) where he should have ideally used printf(?s? str). What attack will his program expose the web application to?

  A. Cross Site Scripting
  B. SQL injection Attack
  C. Format String Attack
  D. Unicode Traversal Attack
  C. Format String Attack

• Question 402:

  What are the two basic types of attacks? (Choose two.

  A. DoS
  B. Passive
  C. Sniffing
  D. Active
  E. Cracking
  B. Passive
  D. Active

• Question 403:

  Which of the following descriptions is true about a static NAT?

  A. A static NAT uses a many-to-many mapping.
  B. A static NAT uses a one-to-many mapping.
  C. A static NAT uses a many-to-one mapping.
  D. A static NAT uses a one-to-one mapping.
  D. A static NAT uses a one-to-one mapping.

• Question 404:

  Which statement best describes a server type under an N-tier architecture?

  A. A group of servers at a specific layer
  B. A single server with a specific role
  C. A group of servers with a unique role
  D. A single server at a specific layer
  C. A group of servers with a unique role

• Question 405:

  Harold works for Jacobson Unlimited in the IT department as the security manager. Harold has created a security policy requiring all employees to use complex 14 character passwords. Unfortunately, the members of management do not want to have to use such long complicated passwords so they tell Harold's boss this new password policy should not apply to them. To comply with the management's wishes, the IT department creates another Windows domain and moves all the management users to that domain. This new domain has a password policy only requiring 8 characters. Harold is concerned about having to accommodate the managers, but cannot do anything about it. Harold is also concerned about using LanManager security on his network instead of NTLM or NTLMv2, but the many legacy applications on the network prevent using the more secure NTLM and NTLMv2. Harold pulls the SAM files from the DC's on the original domain and the new domain using Pwdump6.

  Harold uses the password cracking software John the Ripper to crack users' passwords to make sure they are strong enough. Harold expects that the users' passwords in the original domain will take much longer to crack than the management's passwords in the new domain. After running the software, Harold discovers that the 14 character passwords only took a short time longer to crack than the 8 character passwords.

  Why did the 14 character passwords not take much longer to crack than the 8 character passwords?

  A. Harold should have used Dumpsec instead of Pwdump6
  B. Harold's dictionary file was not large enough
  C. Harold should use LC4 instead of John the Ripper
  D. LanManger hashes are broken up into two 7 character fields
  D. LanManger hashes are broken up into two 7 character fields

• Question 406:

  You want to use netcat to generate huge amount of useless network data continuously for various performance testing between 2 hosts. Which of the following commands accomplish this?

  A. Machine A #yes AAAAAAAAAAAAAAAAAAAAAA | nc 2222 > /dev/null Machine B #yes BBBBBBBBBBBBBBBBBBBBBB | nc machinea 2222 > /dev/null
  B. Machine A cat somefile | nc 2222 Machine B cat somefile | nc othermachine 2222
  C. Machine A nc 1234 | uncompress | tar xvfp Machine B tar cfp - /some/dir | compress | nc 3 machinea 1234
  D. Machine A while true : do nc 6000 machineb 2 Machine B while true ; do nc 6000 machinea 2 done
  A. Machine A #yes AAAAAAAAAAAAAAAAAAAAAA | nc 2222 > /dev/null Machine B #yes BBBBBBBBBBBBBBBBBBBBBB | nc machinea 2222 > /dev/null

• Question 407:

  While scanning a network you observe that all of the web servers in the DMZ are responding to ACK packets on port 80. What can you infer from this observation?

  A. They are using Windows based web servers.
  B. They are using UNIX based web servers.
  C. They are not using an intrusion detection system.
  D. They are not using a stateful inspection firewall.
  D. They are not using a stateful inspection firewall.

• Question 408:

  A consultant is hired to do physical penetration testing at a large financial company. In the first day of his assessment, the consultant goes to the company`s building dressed like an electrician and waits in the lobby for an employee to pass through the main access gate, then the consultant follows the employee behind to get into the restricted area. Which type of attack did the consultant perform?

  A. Man trap
  B. Tailgating
  C. Shoulder surfing
  D. Social engineering
  B. Tailgating

• Question 409:

  You have just received an assignment for an assessment at a company site. Company's management is concerned about external threat and wants to take appropriate steps to insure security is in place. Anyway the management is also worried about possible threats coming from inside the site, specifically from employees belonging to different Departments. What kind of assessment will you be performing ?

  A. Black box testing
  B. Black hat testing
  C. Gray box testing
  D. Gray hat testing
  E. White box testing
  F. White hat testing
  C. Gray box testing

• Question 410:

  What framework architecture is shown in this exhibit?

  

  A. Core Impact
  B. Metasploit
  C. Immunity Canvas
  D. Nessus
  B. Metasploit